quasar | 6a451e666a6954fe837bacd4d1e66cd45bf4c60a0ac61fa1a8e358c4f64d4edb | Triage

Sharing

General

Target

1264-58-0x0000000000400000-0x0000000000484000-memory.dmp
Size

528KB
Sample

230311-w494nacf6t
MD5

c3f96732b38cc7743551b2a48d6e0905
SHA1

df613e8141bc4a8ea1787cbc304546012831137f
SHA256

6a451e666a6954fe837bacd4d1e66cd45bf4c60a0ac61fa1a8e358c4f64d4edb
SHA512

1a5f1e6aff1ff02c0ddd631aa6cd014cabad6604bd6c7872c7ca3940e93b580ca5f8e9a6658702a116dbd9ab83dd620f1122fce6a3cc489933e3df435097071a
SSDEEP

12288:/TEgdfYJA6hqH3qVXNTqJO1TGO5ogzYLecd:oUwLq+68TGOegGecd

Score

10^/10

quasar fast

Malware Config

Extracted

Family

quasar

Version

1.4.0

Botnet

Fast

C2

atomic.opdailyallowance.top:6980

Mutex

8794060f-ab80-483d-99e5-cd9b7c5047b7

Attributes

encryption_key
77D64A9E7D6F983A450481EF78D99F3A6B8A5925
install_name
svc_host.exe
log_directory
Logs
reconnect_delay
3000
startup_key
SvcHostFramework
subdirectory
ChromeUpdate

Targets

- Target
  
  1264-58-0x0000000000400000-0x0000000000484000-memory.dmp
- Size
  
  528KB
- MD5
  
  c3f96732b38cc7743551b2a48d6e0905
- SHA1
  
  df613e8141bc4a8ea1787cbc304546012831137f
- SHA256
  
  6a451e666a6954fe837bacd4d1e66cd45bf4c60a0ac61fa1a8e358c4f64d4edb
- SHA512
  
  1a5f1e6aff1ff02c0ddd631aa6cd014cabad6604bd6c7872c7ca3940e93b580ca5f8e9a6658702a116dbd9ab83dd620f1122fce6a3cc489933e3df435097071a
- SSDEEP
  
  12288:/TEgdfYJA6hqH3qVXNTqJO1TGO5ogzYLecd:oUwLq+68TGOegGecd
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2